Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2014 01 ([color=red]ATTENTION: ====> FRST version is 107 days old and could be outdated[/color]) Ran by Tomek (administrator) on PC on 18-04-2014 22:44:54 Running from C:\Documents and Settings\Tomek\Pulpit Microsoft Windows XP Professional Dodatek Service Pack 3 (X86) OS Language: Polish Internet Explorer Version 8 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (NVIDIA Corporation) C:\WINDOWS\system32\nvraidservice.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp.) C:\WINDOWS\soundman.exe () C:\Program Files\Winamp\winampa.exe (Microsoft) C:\RealtekSoundDriver\Updater.exe (Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NVRaidService] - C:\WINDOWS\system32\nvraidservice.exe [83968 2004-06-11] (NVIDIA Corporation) HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [UnlockerAssistant] - C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [SoundMan] - C:\WINDOWS\soundman.exe [577536 2007-04-16] (Realtek Semiconductor Corp.) HKLM\...\Run: [BluetoothAuthenticationAgent] - rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [12288 2003-04-02] () HKCU\...\Run: [FlashUpdaterr] - C:\RealtekSoundDriver\Updater.exe [24576 2014-02-16] (Microsoft) BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:8087;https=127.0.0.1:8087; HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adres - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Łącza - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\d98ly6hc.default-1392497978812 FF Homepage: hxxp://www.wp.pl/ FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=6.0.11.2027 - C:\Program Files\Real Alternative\browser\plugin\nppl3260.dll No File FF Plugin: @real.com/nprpjplug;version=6.0.12.1040 - C:\Program Files\Real Alternative\browser\plugin\nprpjplug.dll No File FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wolnelektury-pl.xml FF Extension: Adblock Plus - C:\Documents and Settings\Tomek\Dane aplikacji\Mozilla\Firefox\Profiles\d98ly6hc.default-1392497978812\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ========================== Services (Whitelisted) ================= S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" ==================== Drivers (Whitelisted) ==================== S3 adusbnet; C:\Windows\System32\DRIVERS\adusbnet.sys [129024 2010-12-20] (QUALCOMM Incorporated) S3 adusbser; C:\Windows\System32\DRIVERS\adusbser.sys [107776 2010-12-20] (QUALCOMM Incorporated) R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [4122368 2008-09-24] (Realtek Semiconductor Corp.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-11-01] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.) R0 nvatabus; C:\Windows\System32\DRIVERS\nvatabus.sys [79360 2004-06-03] (NVIDIA Corporation) R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [33024 2004-07-29] (NVIDIA Corporation) R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [12928 2004-07-29] (NVIDIA Corporation) R0 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [21760 2004-04-02] (NVIDIA Corporation) S1 AmdK8; system32\DRIVERS\AmdK8.sys [x] S4 IntelIde; No ImagePath S3 SG762_XP; system32\DRIVERS\WlanBZXP.sys [x] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-18 22:44 - 2014-04-18 22:45 - 00007834 _____ C:\Documents and Settings\Tomek\Pulpit\FRST.txt 2014-04-18 22:44 - 2014-04-18 22:44 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Tomek\Pulpit\OTL(1).exe 2014-04-18 22:42 - 2014-04-18 22:42 - 00000298 _____ C:\Documents and Settings\Tomek\Pulpit\pliki odmowa.txt 2014-04-18 22:42 - 2014-01-02 12:04 - 01064481 _____ (Farbar) C:\Documents and Settings\Tomek\Pulpit\FRST.exe 2014-04-18 22:35 - 2014-04-18 22:35 - 00000000 ___RD C:\Documents and Settings\Tomek\Menu Start\Programy\Narzędzia administracyjne 2014-04-18 22:29 - 2014-04-18 22:29 - 00090112 _____ C:\WINDOWS\Minidump\Mini041814-01.dmp 2014-04-18 22:29 - 2014-04-18 22:29 - 00000000 ____D C:\WINDOWS\Minidump 2014-04-16 22:18 - 2014-04-16 22:21 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2014-04-14 22:54 - 2014-04-14 22:54 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2014-04-14 22:40 - 1998-09-30 12:24 - 00242448 _____ (Microsoft Corporation) C:\WINDOWS\system32\scedll.dll 2014-04-14 22:40 - 1998-03-31 16:37 - 00029968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Rshx32_5.dll 2014-04-10 06:41 - 2014-04-10 06:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2922229$ 2014-04-10 06:35 - 2014-04-10 06:36 - 00010060 _____ C:\WINDOWS\KB2936068-IE8.log 2014-04-10 06:26 - 2014-04-10 06:42 - 00011667 _____ C:\WINDOWS\KB2922229.log 2014-04-01 08:34 - 2014-04-01 08:34 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2014-04-01 00:52 - 2014-04-01 00:53 - 00000000 ____D C:\Program Files\Mozilla Firefox 2014-04-01 00:47 - 2014-04-01 22:56 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt 2014-04-01 00:47 - 2014-04-01 00:47 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\AVG 2014-04-01 00:47 - 2014-04-01 00:47 - 00000000 ____D C:\Documents and Settings\Tomek\Dane aplikacji\AVG 2014-04-01 00:45 - 2014-04-01 01:02 - 00000000 __SHD C:\Documents and Settings\All Users\Dane aplikacji\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-04-01 00:45 - 2014-04-01 00:47 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\AVG 2014-03-28 20:32 - 2014-04-14 19:29 - 00000095 _____ C:\WINDOWS\winamp.ini 2014-03-28 20:32 - 2014-03-28 20:32 - 00000000 ____D C:\Program Files\Winamp 2014-03-28 20:32 - 2014-03-28 20:32 - 00000000 ____D C:\Documents and Settings\Tomek\Menu Start\Programy\Winamp 2014-03-28 15:30 - 2014-03-28 15:30 - 00000000 ____D C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software 2014-03-27 21:32 - 2014-04-18 22:29 - 00000222 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-03-27 21:32 - 2014-04-08 15:00 - 00000216 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-03-27 15:37 - 2014-03-27 15:38 - 00004040 _____ C:\WINDOWS\KB2934207.log 2014-03-27 15:37 - 2014-03-27 15:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2934207$ 2014-03-26 00:44 - 2014-03-28 22:11 - 00036352 ___SH C:\Documents and Settings\Tomek\Pulpit\Thumbs.db 2014-03-19 00:13 - 2008-04-14 01:16 - 00037888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthmodem.sys 2014-03-19 00:13 - 2008-04-14 01:16 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys 2014-03-19 00:04 - 2008-04-14 23:51 - 00152064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irftp.exe 2014-03-19 00:04 - 2008-04-14 23:51 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\irftp.exe 2014-03-19 00:04 - 2008-04-14 23:51 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wshirda.dll 2014-03-19 00:04 - 2008-04-14 23:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshirda.dll 2014-03-19 00:04 - 2008-04-14 23:50 - 00028672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irmon.dll 2014-03-19 00:04 - 2008-04-14 23:50 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll 2014-03-19 00:04 - 2008-04-14 01:21 - 00101120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthpan.sys 2014-03-19 00:04 - 2008-04-14 01:21 - 00101120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys 2014-03-19 00:04 - 2008-04-14 01:16 - 00059136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rfcomm.sys 2014-03-19 00:04 - 2008-04-14 01:16 - 00059136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys 2014-03-19 00:04 - 2008-04-14 01:16 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthusb.sys 2014-03-19 00:04 - 2008-04-14 01:16 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS 2014-03-19 00:04 - 2008-04-14 01:16 - 00017024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthenum.sys 2014-03-19 00:04 - 2008-04-14 01:16 - 00017024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthEnum.sys ==================== One Month Modified Files and Folders ======= 2014-04-18 22:45 - 2014-04-18 22:44 - 00007834 _____ C:\Documents and Settings\Tomek\Pulpit\FRST.txt 2014-04-18 22:44 - 2014-04-18 22:44 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Tomek\Pulpit\OTL(1).exe 2014-04-18 22:44 - 2014-01-02 11:38 - 00000000 ____D C:\Documents and Settings\Tomek\Moje dokumenty\Pobieranie 2014-04-18 22:44 - 2013-12-31 18:02 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit 2014-04-18 22:42 - 2014-04-18 22:42 - 00000298 _____ C:\Documents and Settings\Tomek\Pulpit\pliki odmowa.txt 2014-04-18 22:41 - 2013-12-31 18:39 - 00000000 ____D C:\WINDOWS\security 2014-04-18 22:35 - 2014-04-18 22:35 - 00000000 ___RD C:\Documents and Settings\Tomek\Menu Start\Programy\Narzędzia administracyjne 2014-04-18 22:35 - 2013-12-31 18:02 - 00000000 ___RD C:\Documents and Settings\Tomek\Menu Start\Programy 2014-04-18 22:31 - 2013-12-31 17:56 - 01734101 _____ C:\WINDOWS\WindowsUpdate.log 2014-04-18 22:30 - 2014-01-08 10:32 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-04-18 22:29 - 2014-04-18 22:29 - 00090112 _____ C:\WINDOWS\Minidump\Mini041814-01.dmp 2014-04-18 22:29 - 2014-04-18 22:29 - 00000000 ____D C:\WINDOWS\Minidump 2014-04-18 22:29 - 2014-03-27 21:32 - 00000222 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — logowanie.job 2014-04-18 22:29 - 2013-12-31 18:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2014-04-18 22:08 - 2013-12-31 17:54 - 00000000 ____D C:\WINDOWS\system32\Restore 2014-04-17 22:42 - 2013-12-31 18:02 - 00000188 ___SH C:\Documents and Settings\Tomek\ntuser.ini 2014-04-17 22:42 - 2013-12-31 18:01 - 00032604 _____ C:\WINDOWS\SchedLgU.Txt 2014-04-16 22:21 - 2014-04-16 22:18 - 00000000 ____D C:\WINDOWS\system32\NtmsData 2014-04-15 23:02 - 2013-12-31 18:48 - 00000216 _____ C:\WINDOWS\wiadebug.log 2014-04-15 22:47 - 2013-12-31 18:48 - 00000050 _____ C:\WINDOWS\wiaservc.log 2014-04-15 22:22 - 2014-01-03 00:00 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\Adobe 2014-04-15 22:17 - 2014-01-02 10:07 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\MFAData 2014-04-14 22:54 - 2014-04-14 22:54 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2014-04-14 22:40 - 2013-12-31 18:43 - 00782182 _____ C:\WINDOWS\setupapi.log 2014-04-14 22:40 - 2013-12-31 18:39 - 00000000 ____D C:\WINDOWS\Help 2014-04-14 19:29 - 2014-03-28 20:32 - 00000095 _____ C:\WINDOWS\winamp.ini 2014-04-14 04:51 - 2001-07-21 21:17 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2014-04-10 06:42 - 2014-04-10 06:26 - 00011667 _____ C:\WINDOWS\KB2922229.log 2014-04-10 06:42 - 2013-12-31 18:46 - 01009663 _____ C:\WINDOWS\iis6.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00926641 _____ C:\WINDOWS\FaxSetup.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00481077 _____ C:\WINDOWS\ocgen.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00429604 _____ C:\WINDOWS\tsoc.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00320238 _____ C:\WINDOWS\comsetup.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00292618 _____ C:\WINDOWS\msmqinst.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00192304 _____ C:\WINDOWS\ntdtcsetup.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00163074 _____ C:\WINDOWS\netfxocm.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00064387 _____ C:\WINDOWS\MedCtrOC.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00058013 _____ C:\WINDOWS\ocmsn.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00048472 _____ C:\WINDOWS\tabletoc.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00046603 _____ C:\WINDOWS\msgsocm.log 2014-04-10 06:42 - 2013-12-31 18:46 - 00001374 _____ C:\WINDOWS\imsins.log 2014-04-10 06:41 - 2014-04-10 06:41 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2922229$ 2014-04-10 06:40 - 2014-02-01 22:46 - 00000000 ____D C:\WINDOWS\system32\MRT 2014-04-10 06:36 - 2014-04-10 06:35 - 00010060 _____ C:\WINDOWS\KB2936068-IE8.log 2014-04-10 06:36 - 2014-02-01 22:46 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-04-10 06:36 - 2013-12-31 18:46 - 00001374 _____ C:\WINDOWS\imsins.BAK 2014-04-10 06:35 - 2014-02-01 23:13 - 00000000 ____D C:\WINDOWS\ie8updates 2014-04-10 06:35 - 2014-02-01 22:45 - 00087963 _____ C:\WINDOWS\updspapi.log 2014-04-08 15:00 - 2014-03-27 21:32 - 00000216 _____ C:\WINDOWS\Tasks\Powiadomienie o zakończeniu obsługi systemu Microsoft Windows XP — co miesiąc.job 2014-04-02 22:48 - 2013-12-31 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Pulpit 2014-04-02 00:18 - 2013-12-31 18:02 - 00000000 ____D C:\Documents and Settings\Tomek 2014-04-01 22:56 - 2014-04-01 00:47 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt 2014-04-01 22:49 - 2014-03-12 00:24 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Mirillis 2014-04-01 22:49 - 2014-03-12 00:23 - 00000000 ____D C:\Program Files\Mirillis 2014-04-01 22:49 - 2014-02-02 23:18 - 00000000 ____D C:\Program Files\Ahead 2014-04-01 22:49 - 2013-12-31 18:45 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Start\Programy 2014-04-01 22:48 - 2014-01-02 10:08 - 00000000 ____D C:\Program Files\AVG 2014-04-01 12:41 - 2013-12-31 18:46 - 01117242 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2014-04-01 12:41 - 2001-10-26 15:15 - 00500386 _____ C:\WINDOWS\system32\perfh015.dat 2014-04-01 12:41 - 2001-10-26 15:15 - 00089046 _____ C:\WINDOWS\system32\perfc015.dat 2014-04-01 08:34 - 2014-04-01 08:34 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\AVG 2014-04-01 01:02 - 2014-04-01 00:45 - 00000000 __SHD C:\Documents and Settings\All Users\Dane aplikacji\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} 2014-04-01 01:02 - 2014-02-01 22:21 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Java Development Kit 2014-04-01 01:02 - 2013-12-31 18:02 - 00000000 ___RD C:\Documents and Settings\Tomek\Menu Start 2014-04-01 00:53 - 2014-04-01 00:52 - 00000000 ____D C:\Program Files\Mozilla Firefox 2014-04-01 00:47 - 2014-04-01 00:47 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\AVG 2014-04-01 00:47 - 2014-04-01 00:47 - 00000000 ____D C:\Documents and Settings\Tomek\Dane aplikacji\AVG 2014-04-01 00:47 - 2014-04-01 00:45 - 00000000 ____D C:\Documents and Settings\All Users\Dane aplikacji\AVG 2014-04-01 00:47 - 2013-12-31 18:02 - 00000000 __RHD C:\Documents and Settings\Tomek\Dane aplikacji 2014-04-01 00:47 - 2013-12-31 18:02 - 00000000 ___HD C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji 2014-04-01 00:45 - 2013-12-31 18:43 - 00000000 __RHD C:\Documents and Settings\All Users\Dane aplikacji 2014-03-31 13:35 - 2014-03-11 14:36 - 00000000 ____D C:\Documents and Settings\Tomek\Pulpit\Nowy folder 2014-03-31 13:30 - 2014-02-01 21:26 - 00051662 _____ C:\WINDOWS\KB975025.log 2014-03-29 09:33 - 2013-12-31 18:02 - 00001599 _____ C:\Documents and Settings\Tomek\Menu Start\Programy\Pomoc zdalna.lnk 2014-03-29 09:33 - 2013-12-31 17:57 - 00001607 _____ C:\Documents and Settings\All Users\Menu Start\Określ dostęp do programów i ich ustawienia domyślne.lnk 2014-03-29 09:33 - 2013-12-31 17:57 - 00001507 _____ C:\Documents and Settings\All Users\Menu Start\Windows Update.lnk 2014-03-28 22:39 - 2014-01-20 21:14 - 00041472 _____ C:\Documents and Settings\Tomek\Moje dokumenty\Wydatki 2014.xls 2014-03-28 22:39 - 2013-12-31 18:02 - 00000000 ___RD C:\Documents and Settings\Tomek\Moje dokumenty 2014-03-28 22:19 - 2014-02-01 16:09 - 00015872 _____ C:\Documents and Settings\Tomek\Moje dokumenty\Opłaty stałe.xls 2014-03-28 22:11 - 2014-03-26 00:44 - 00036352 ___SH C:\Documents and Settings\Tomek\Pulpit\Thumbs.db 2014-03-28 21:58 - 2014-01-08 00:26 - 00023040 _____ C:\Documents and Settings\Tomek\Moje dokumenty\Remont domu.xls 2014-03-28 20:32 - 2014-03-28 20:32 - 00000000 ____D C:\Program Files\Winamp 2014-03-28 20:32 - 2014-03-28 20:32 - 00000000 ____D C:\Documents and Settings\Tomek\Menu Start\Programy\Winamp 2014-03-28 15:30 - 2014-03-28 15:30 - 00000000 ____D C:\Documents and Settings\Default User\Dane aplikacji\TuneUp Software 2014-03-28 15:30 - 2013-12-31 18:43 - 00000000 __RHD C:\Documents and Settings\Default User\Dane aplikacji 2014-03-27 15:38 - 2014-03-27 15:37 - 00004040 _____ C:\WINDOWS\KB2934207.log 2014-03-27 15:37 - 2014-03-27 15:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2934207$ 2014-03-22 01:10 - 2014-01-09 10:48 - 00000000 ____D C:\Program Files\Microsoft Office 2014-03-20 16:35 - 2001-07-21 21:16 - 00000573 _____ C:\WINDOWS\win.ini 2014-03-20 16:34 - 2014-01-09 11:07 - 00000000 ____D C:\Documents and Settings\All Users\Menu Start\Programy\Microsoft Office 2014-03-20 16:34 - 2013-12-31 18:46 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2014-03-20 00:04 - 2014-01-10 05:03 - 00000000 ____D C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\genienext 2014-03-19 23:50 - 2014-01-02 11:02 - 00063592 _____ C:\Documents and Settings\Tomek\Ustawienia lokalne\Dane aplikacji\GDIPFONTCACHEV1.DAT 2014-03-19 23:50 - 2013-12-31 18:43 - 00246312 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2014-03-19 22:45 - 2014-01-09 10:55 - 00000000 ____D C:\Program Files\Microsoft Works 2014-03-19 22:39 - 2013-12-31 18:39 - 00000000 ____D C:\WINDOWS\pchealth 2014-03-19 17:14 - 2014-02-01 22:54 - 00035028 _____ C:\WINDOWS\KB973904.log 2014-03-19 00:05 - 2014-01-08 00:27 - 00122880 _____ C:\Documents and Settings\Tomek\Moje dokumenty\Wydatki 2013.xls 2014-03-19 00:04 - 2013-12-31 18:43 - 00186036 _____ C:\WINDOWS\setupact.log Some content of TEMP: ==================== C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\DseShExt-x86.dll C:\Documents and Settings\Tomek\Ustawienia lokalne\Temp\SDShelEx-win32.dll ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 1035264 ____A (Microsoft Corporation) c791ed9eac5e76d9525e157b1d7a599a C:\Windows\System32\winlogon.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0510464 ____A (Microsoft Corporation) 51fd2e13d723857b9ca239ae77150f48 C:\Windows\System32\svchost.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0014336 ____A (Microsoft Corporation) 8607d35d92528e2df386f19a960d23ce C:\Windows\System32\services.exe [2008-04-14 22:51] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 02a467e27af55f7064c5b251e587315f C:\Windows\System32\User32.dll [2008-04-14 22:50] - [2008-04-14 22:50] - 0580096 ____A (Microsoft Corporation) a435c5c069afd901751ac323ad238793 C:\Windows\System32\userinit.exe [2008-04-14 22:51] - [2008-04-14 22:51] - 0026624 ____A (Microsoft Corporation) 2a5b37d520508be6570a3ea79695f5b5 C:\Windows\System32\Drivers\volsnap.sys [2008-04-14 21:31] - [2008-04-14 21:31] - 0052864 ____A (Microsoft Corporation) 56b191ac5fc0df219949c95a6c87afe7 ==================== End Of Log ============================